CVE-2026-23263

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix page array leak d9f595b9a65e "iouring/zcrx: fix leaking pages on sg init fail" fixed a page leakage but didn't free the page array, release it as well...

CVE-2026-23261 nvme-fc: release admin tagset if init fails

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: release admin tagset if init fails nvmefabrics creates an NVMe/FC controller in following path: nvmfdevwrite - nvmfcreatectrl - nvmefccreatectrl - nvmefcinitctrl nvmefcinitctrl allocates the admin blk-mq resources right...

CVE-2026-23261

CVE-2026-23261 corresponds to a Linux kernel NVMe over Fabrics issue where nvme_fc_init_ctrl leaks admin blk-mq resources if subsequent steps fail during controller setup. The fix ensures the admin_tagset is freed by checking ctrl->ctrl.admin_tagset in the fail_ctrl path and calling nvme_remov...

CVE-2026-23261 nvme-fc: release admin tagset if init fails

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: release admin tagset if init fails nvmefabrics creates an NVMe/FC controller in following path: nvmfdevwrite - nvmfcreatectrl - nvmefccreatectrl - nvmefcinitctrl nvmefcinitctrl allocates the admin blk-mq resources right...

CVE-2026-23261

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: release admin tagset if init fails nvmefabrics creates an NVMe/FC controller in following path: nvmfdevwrite - nvmfcreatectrl - nvmefccreatectrl - nvmefcinitctrl nvmefcinitctrl allocates the admin blk-mq resources right...

CVE-2026-23258 net: liquidio: Initialize netdev pointer before queue setup

In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Initialize netdev pointer before queue setup In setupnicdevices, the netdev is allocated using allocetherdevmq. However, the pointer to this structure is stored in oct-propsi.netdev only after the calls to...

CVE-2026-23258 net: liquidio: Initialize netdev pointer before queue setup

In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Initialize netdev pointer before queue setup In setupnicdevices, the netdev is allocated using allocetherdevmq. However, the pointer to this structure is stored in oct-propsi.netdev only after the calls to...

CVE-2026-2559 Post SMTP <= 3.8.0 - Missing Authorization to Authenticated (Subscriber+) Office 365 OAuth Configuration Overwrite

The Post SMTP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handleoffice365oauthredirect function in all versions up to, and including, 3.8.0. This is due to the function being hooked to admininit without any currentusercan check ...

CVE-2026-32691 Timing ownership claim attack on new external back-end secrets

A race condition in the secrets management subsystem of Juju versions 3.0.0 through 3.6.18 allows an authenticated unit agent to claim ownership of a newly initialized secret. Between generating a Juju Secret ID and creating the secret's first revision, an attacker authenticated as another unit...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an improper initialization order of netdev pointers, potentially leading to memory leaks...

Linux Distros Unpatched Vulnerability : CVE-2026-23258

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: liquidio: Initialize netdev pointer before queue setup In setupnicdevices, the netdev is allocated using allocetherdevmq. However, the pointer to this...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to release the admin tagset during initialization, potentially leading to memory leak...

PT-2026-26069

The Post SMTP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handle office365 oauth redirect function in all versions up to, and including, 3.8.0. This is due to the function being hooked to admin init without any current user can...

GL-iNet Comet 安全漏洞

GL-iNet Comet is a portable, multi-functional network device developed by GL-iNet Corporation in China. There is a security vulnerability in GL-iNet Comet, which stems from the lack of certificate verification during the initialization process when connecting to the GL-iNet site. This vulnerabili...

ROS-20260317-73-0012

A vulnerability in the inodeaddref function of the Linux kernel is related to incorrect resource initialization. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

EulerOS Virtualization 2.12.1 : gnutls (EulerOS-SA-2026-1428)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization...

ROS-20260317-73-0015

A vulnerability in the kzalloc function of the irqsim component of the Linux kernel is related to incorrect resource initialization. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information...

ROS-20260317-73-0018

A vulnerability in the doinsnioctl function of the comedi component of the Linux kernel is related to incorrect resource initialization. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260317-73-0011

A vulnerability in the i2cdwxferinit function of the drivers/i2c/busses/i2c-designware-master.c module of the Linux operating system kernel is related to an operation exceeding buffer boundaries in memory as a result of incorrect resource initialization. Exploitation of the vulnerability could...

EulerOS Virtualization 2.12.0 : gnutls (EulerOS-SA-2026-1485)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization...